Personal Data Management Analysis

The objective of the SafeTRIP project is to create an open platform that will allow third-party developers to take advantage of the connected car, coach, or lorry. In order to illustrate what would be the most realistic situations for the use of the SafeTRIP platform, three scenarios were created and analyzed for the strengths, weaknesses, opportunities, and threats to data protection and personal security.

Each scenario named the actors in the supply chain and the responsibilities of those involved in the use of data. The analysis then describes the capabilities of the SafeTRIP platform and the rules to apply for each type of data.

SafeTRIP operator builds an exclusive relationship with its customers

In this scenario, the SafeTRIP platform operator provides on-board units and applications directly to the end users. The application provider does not have any contact with the end users and take its revenues only from the SafeTRIP platform operator. In this case, the existing privacy standards that are incorporated in the relationship between the platform operator and the end-user are applied, and no new requests for permission of personal data (e.g. a new username, password, address, and credit card details) are needed.

In this scenario, the SafeTRIP platform operator provides on-board units and connectivity directly to the end-users but the applications are provided directly to the end-user by third party companies.

The link between the SafeTRIP platform operator and the application provider can be different according to their relationship. From a legal issue perspective, we can imagine two cases:

-     Case 2A: The SafeTRIP platform operator does not own anything from the application provider and there is no need for an authorization to deploy applications.

-     Case 2B: The SafeTRIP platform operator retains the option to authorize an application, or not. Generally in this case, the SafeTRIP platform operator gains money from the authorized application providers.